Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
File:                     8AI84rpaHU_QpeIn3nTLxB0rucg.mft (raw, json)
Hash identifier:          xs3PQTeXkw0LNGQAAxzeTBiVdiQurBv6qeR7V2oJIP8=
Subject key identifier:   C7:26:1E:E6:35:73:DE:39:34:A0:FE:C5:97:92:75:18:90:04:B7:D2
Authority key identifier: F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8
Certificate issuer:       /CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8
Certificate serial:       01967C45B68A003F8F51F44F2BC1B1C62945
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
Manifest number:          125B
Signing time:             Mon 28 Apr 2025 12:01:05 +0000
Manifest this update:     Mon 28 Apr 2025 12:01:05 +0000
Manifest next update:     Tue 29 Apr 2025 12:01:05 +0000
Files and hashes:         1: 8AI84rpaHU_QpeIn3nTLxB0rucg.crl (hash: sk3wOQ4jGfRgkE3Tt34mApGT3WYCq8cBhgaRkVek4vc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 12:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7c:45:b6:8a:00:3f:8f:51:f4:4f:2b:c1:b1:c6:29:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8
        Validity
            Not Before: Apr 28 12:01:05 2025 GMT
            Not After : Apr 29 12:01:05 2025 GMT
        Subject: CN=c7261ee63573de3934a0fec5979275189004b7d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:4f:c2:f7:df:17:fd:f9:6c:66:ef:2d:05:16:
                    63:4f:f3:72:47:66:84:44:93:19:ce:47:3d:30:c5:
                    06:f0:6b:43:b0:12:16:8f:59:5d:d8:89:7d:68:ee:
                    e0:d5:01:00:fa:63:89:3f:f3:94:9d:7d:94:29:e8:
                    47:d4:5e:c6:dd:e9:c9:53:89:a1:fa:ff:7b:0e:56:
                    9d:f9:ea:a6:5a:be:85:60:9c:36:bc:b4:f3:08:ea:
                    eb:ec:dc:7e:bf:d4:31:ce:9c:2e:e5:5b:bb:1b:fd:
                    3d:34:81:52:9c:a8:b4:44:9c:aa:5c:35:67:f3:c7:
                    b4:be:54:a3:99:74:6d:b9:7a:a4:08:d9:a9:bc:74:
                    87:ac:b4:20:f0:9b:18:77:da:46:f5:94:fa:4d:31:
                    22:0b:4c:6c:a9:f6:89:e8:17:c4:4e:8d:ec:65:9d:
                    3f:5f:05:ef:df:09:88:56:3d:20:35:f3:e2:2d:9a:
                    50:31:47:cf:2f:63:10:fe:d7:93:df:e7:82:cb:d5:
                    7d:cf:87:17:08:06:18:59:1f:0e:d9:54:88:c0:eb:
                    75:2e:b4:75:1a:34:18:f4:32:5e:e1:4c:5e:74:01:
                    18:1d:92:ab:dc:51:8d:a5:65:41:61:12:5b:7c:4d:
                    4a:73:2c:33:5d:6e:7f:3b:d1:2b:43:5b:65:d4:94:
                    ba:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:26:1E:E6:35:73:DE:39:34:A0:FE:C5:97:92:75:18:90:04:B7:D2
            X509v3 Authority Key Identifier:
                keyid:F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:04:2b:cb:07:0c:66:79:0c:b7:fd:10:f7:60:ee:db:ef:4e:
         cd:e4:07:03:b1:d9:de:2a:e6:b3:97:e4:53:8f:ad:1c:4d:8b:
         06:25:94:a9:2f:2a:fa:c2:77:39:98:a6:27:f5:a8:7b:03:69:
         68:f7:3e:1b:0f:1a:79:2b:2a:cb:a8:dc:8d:a5:d4:38:fc:17:
         5d:d6:01:09:50:f4:41:5d:3a:c4:c3:c2:d3:56:a3:c6:70:2a:
         93:cc:0d:ed:4b:57:f3:51:e0:e9:3c:ba:99:8e:5c:6e:91:0f:
         aa:8b:7d:a4:28:5c:d2:fa:b2:a7:ea:91:79:59:30:08:e4:d7:
         fb:87:1f:7b:42:76:bf:43:3b:d2:87:4f:81:e3:0c:0d:5b:6f:
         63:95:43:b3:f2:2e:c4:8c:2e:c2:b0:fe:38:33:65:85:49:21:
         38:93:26:32:11:82:95:6e:e6:4c:3f:36:da:f1:f8:3d:06:57:
         85:8f:2e:84:d5:b7:93:5f:ab:c2:58:23:a6:dc:ac:d1:a1:a6:
         e2:80:a6:99:29:ec:86:90:20:37:f9:90:87:56:29:cf:f3:17:
         74:fa:8d:15:13:91:85:4c:c2:3a:45:3d:36:0b:bd:6d:70:4d:
         ed:08:05:27:2d:98:29:4b:7f:a9:3a:9e:bc:b9:e8:ca:09:48:
         f3:72:a2:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ8RbaKAD+PUfRPK8GxxilFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMDIzY2UyYmE1YTFkNGZkMGE1ZTIyN2RlNzRjYmM0MWQy
YmI5YzgwHhcNMjUwNDI4MTIwMTA1WhcNMjUwNDI5MTIwMTA1WjAzMTEwLwYDVQQD
EyhjNzI2MWVlNjM1NzNkZTM5MzRhMGZlYzU5NzkyNzUxODkwMDRiN2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnU/C998X/flsZu8tBRZjT/NyR2aE
RJMZzkc9MMUG8GtDsBIWj1ld2Il9aO7g1QEA+mOJP/OUnX2UKehH1F7G3enJU4mh
+v97Dlad+eqmWr6FYJw2vLTzCOrr7Nx+v9Qxzpwu5Vu7G/09NIFSnKi0RJyqXDVn
88e0vlSjmXRtuXqkCNmpvHSHrLQg8JsYd9pG9ZT6TTEiC0xsqfaJ6BfETo3sZZ0/
XwXv3wmIVj0gNfPiLZpQMUfPL2MQ/teT3+eCy9V9z4cXCAYYWR8O2VSIwOt1LrR1
GjQY9DJe4UxedAEYHZKr3FGNpWVBYRJbfE1KcywzXW5/O9ErQ1tl1JS69wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMcmHuY1c945NKD+xZeSdRiQBLfSMB8GA1UdIwQY
MBaAFPACPOK6Wh1P0KXiJ950y8QdK7nIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzIt
ZWJkNjlkNzczNGYwLzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzItZWJkNjlkNzczNGYw
LzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAagQrywcM
ZnkMt/0Q92Du2+9OzeQHA7HZ3irms5fkU4+tHE2LBiWUqS8q+sJ3OZimJ/WoewNp
aPc+Gw8aeSsqy6jcjaXUOPwXXdYBCVD0QV06xMPC01ajxnAqk8wN7UtX81Hg6Ty6
mY5cbpEPqot9pChc0vqyp+qReVkwCOTX+4cfe0J2v0M70odPgeMMDVtvY5VDs/Iu
xIwuwrD+ODNlhUkhOJMmMhGClW7mTD822vH4PQZXhY8uhNW3k1+rwlgjptys0aGm
4oCmmSnshpAgN/mQh1Ypz/MXdPqNFRORhUzCOkU9Ngu9bXBN7QgFJy2YKUt/qTqe
vLnoyglI83KiOA==
-----END CERTIFICATE-----